• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.6C
• /
• pp.648-658
• /
• 2003

As the usage of image/video contents increase, a security problem for the payed image data or the ones requiring confidentiality is raised. This paper proposed an image encryption methodology to hide the image information. The target data of it is the result from quantization in wavelet domain. This method encrypts only part of the image data rather than the whole data of the original image, in which three types of data selection methodologies were involved. First, by using the fact that the wavelet transform decomposes the original image into frequency sub-bands, only some of the frequency sub-bands were included in encryption to make the resulting image unrecognizable. In the data to represent each pixel, only MSBs were taken for encryption. Finally, pixels to be encrypted in a specific sub-band were selected randomly by using LFSR(Linear Feedback Shift Register). Part of the key for encryption was used for the seed value of LFSR and in selecting the parallel output bits of the LFSR for random selection so that the strength of encryption algorithm increased. The experiments have been performed with the proposed methods implemented in software for about 500 images, from which the result showed that only about 1/1000 amount of data to the original image can obtain the encryption effect not to recognize the original image. Consequently, we are sure that the proposed are efficient image encryption methods to acquire the high encryption effect with small amount of encryption. Also, in this paper, several encryption scheme according to the selection of the sub-bands and the number of bits from LFSR outputs for pixel selection have been proposed, and it has been shown that there exits a relation of trade-off between the execution time and the effect of the encryption. It means that the proposed methods can be selectively used according to the application areas. Also, because the proposed methods are performed in the application layer, they are expected to be a good solution for the end-to-end security problem, which is appearing as one of the important problems in the networks with both wired and wireless sections.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.1
• /
• pp.39-48
• /
• 2004

An IP address shortage problem is happening with a rapid propagation of the Internet and demands about a new IP address. Address translation technology as NAT is becoming use widely in order to solve these problems. NAT is an very useful If address translation technique that allows two connected networks to use different and incompatible IP address schemes. Rut it is difficult to use NAT particularly for applications that embeded IP addresses in data payloads or encrypted IP packet to guarantee End-to-End Security such as IPSec. In addition to rewiting the source/destination IP address in the packet, NAT must modify IP checksum every time, which could lead to considerablely performance decrease of the overall system in the process of address translation. RSIP is an alternative to solve these disadvantages and address shortage problems of NAT. Both NAT and RSIP divide networks into inside and outside addressing realms. NAT translates addresses between internal network and external network, but RSIP uses a borrowed external address for outside communications. RSIP server assigns a routable, public address to an RSIP client temporaily to communicate with public network outside the private network. In this paper, I will analyze NAT and RSIP gateway system, and then I will propose the Linux-based RSIP gateway for more efficient IP Address Translation in Intranet environments based on RSIP standard of IETF.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.2
• /
• pp.221-231
• /
• 2013

Exchanging personal health information(PHI) is an essential process of healthcare services using information and communication technology. But the process have the inherent risk of information disclosure, so the PHI should be protected to ensure the reliability of healthcare services. In this paper, we designed encryption module for wearable personal health devices(PHD). A main goal is to guarantee that the real-time encoded and transmitted PHI cannot be allowed to be read, revised and utilized without user's permission. To achieve this, encryption algorithms as DES and 3DES were implemented in modules operating in Telos Rev B(16bit RISC, 8Mhz). And the experiments were performed in order to evaluate the performance of encryption and decryption using vital-sign measured by PHD. As experimental results, an block encryption was measured the followings: DES required 1.802 ms and 3DES required 6.683 ms. Also, we verified the interoperability among heterogeneous devices by testing that the encrypted data in Telos could be decoded in other machines without errors. In conclusion, the encryption module is the method that a PHD user is given the powerful right to decide for authority of accessing his PHI, so it is expected to contribute the trusted healthcare service distribution.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.12
• /
• pp.831-841
• /
• 2014

The attacker can access the RFID systems illegally because authentication operation on the RFID systems are performed in wireless communication. Authentication methods based on the PUF were presented to defend attacks. Because of Hash and AES, the cost is expensive for the low-cost RFID tag. In this paper, the PUF-based encryption processor and the mutual authentication protocol are proposed for low-cost RFID authentication. The challenge-response pairs (PUF's input and output) are utilized as the authentication key and encrypted by the PUF's characteristics. The encryption method is changed each session and XOR operation with random number is utilized. Therefore, it is difficult for the attacker to analyze challenge-response pairs and attack the systems. In addition, the proposed method with PUF is strong against physical attacks. And the method protects the tag cloning attack by physical attacks because there is no authentication data in the tag. Proposed processor is implemented at low cost with small footprint and low power.

• Korean Journal of Optics and Photonics
• /
• v.17 no.3
• /
• pp.231-239
• /
• 2006

In recent years, a hierarchical security architecture has been widely studied because it can efficiently protect information by allowing an authorized user access to the level of information. However, the conventional hierarchical decryption methods require several decryption keys for the high level information. In this paper, we propose a hierarchical image encryption using random phase masks and Walsh code having orthogonal characteristics. To decrypt the hierarchical level images by only one decryption key, we combine Walsh code into the hierarchical level system. For encryption process, we first perform a Fourier transform for the multiplication results of the original image and the random phase mask, and then expand the transformed pattern to be the same size and shape of Walsh code. The expanded pattern is finally encrypted by multiplying with the Walsh code image and the binary phase mask. We generate several encryption images as the same encryption process. The reconstruction image is detected on a CCD plane by a despread process and Fourier transform for the multiplication result of encryption image and hierarchical decryption keys which are generated by Walsh code and binary random phase image. Computer simulations demonstrate that the proposed technique can decrypt hierarchical information by using only one level decryption key image and it has a good robustness to the data loss such as random cropping.

• Journal of KIISE:Information Networking
• /
• v.30 no.3
• /
• pp.377-386
• /
• 2003

In this paper, we present an application layer protocol to support secure wireless Internet services, called Application Layer Security(ALS). The drawbacks of the two traditional approaches to secure wireless applications motivated the development of ALS. One is that in the conventional application-specific security protocol such as Secure HyperText Transfer Protocol(S-HTTP), security mechanism is included in the application itself. This gives a disadvantage that the security services are available only to that particular application. The other is that a separate protocol layer is inserted between the application and transport layers, as in the Secure Sockets Layer(SSL)/Transport Layer Security(TLS). In this case, all channel data are encrypted regardless of the specific application's requirements, resulting in much waste of network resources. To overcome these problems, ALS is proposed to be implemented on top of HTTP so that it is independent of the various transport layer protocols, and provides a common security interface with security applications so that it greatly improves the portability of security applications. In addition, since ALS takes advantages of well-known TLS mechanism, it eliminates the danger of malicious attack and provides applications with various security services such as authentication, confidentiality integrity and digital signature, and partial encryption. We conclude this paper with an example of applying ALS to the solution of end-to-end security in a present commercial wireless protocol stack, Wireless Application Protocol.